Copilot Spoofing Vulnerability in Microsoft Products
CVE-2025-59272

6.5MEDIUM

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
9 October 2025

What is CVE-2025-59272?

The Copilot Spoofing Vulnerability presents a significant risk by allowing malicious actors to impersonate the Copilot feature in Microsoft products, potentially misguiding users and leading to unauthorized actions. This vulnerability emphasizes the importance of implementing strong authentication mechanisms and user awareness to safeguard against such deceptive tactics.

Affected Version(s)

Microsoft 365 Copilot's Business Chat Unknown

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-59272 : Copilot Spoofing Vulnerability in Microsoft Products